<?php
  include('header.php');
  include('functions.php');
  include('show_smilies.php');
  $hide_footer = 1;
  if ($_SESSION['signed_in'] == false) {
      //the user is not signed in
      echo '<hr><br /><div align="center"><span style="color:red">' . $l_you_need_to . ' <a href="signin.php">' . $l_login_s . '</a> ' . $l_in_order . ' <br>' . $l_u_also . ' <a href="signup.php">' . $l_register_s . '</a> ' . $l_for_acc . '</span></div><br />';
  } else {
      if ($_SERVER['REQUEST_METHOD'] != 'POST') {
	  if(!is_numeric($_GET['t']) OR !is_numeric($_GET['p'])) {
      header('location: index.php');
      }
	  
	  
	      $result = $db->query("SELECT topic_status FROM " . $table_prefix . "topics WHERE topic_id = " . mysql_real_escape_string($_GET['t']) . "");
          $qqq += 1;
          if (!$result) {
              echo "$l_error_occured";
              die;
          }
          $check_status = $db->fetch_array($result,'assoc');
          if ($check_status['topic_status'] == 1 and $_SESSION['user_level'] < 1) {
              echo '<hr><br /><div align="center">' . $l_error_tlocked . ' </div>';
          }
          {
              //the user is signed in
              //the form hasn't been posted yet, display it
              //retrieve the categories from the database for use in the dropdown
			  $sql = $db->query("SELECT post_content, post_by, post_subject, post_date FROM " . $table_prefix . "posts WHERE post_id = " . mysql_real_escape_string($_GET['p']));
              if (!$sql) {
                  echo $l_error_post_err;
              } else {
                  if (mysql_num_rows($sql) == 0) {
                      echo $l_error_post_err2;
                  } else {
                      $text = $db->fetch_array($sql,'assoc');
                      $to_time = strtotime(date($date_format));
                      $from_time = strtotime($text['post_date']);
                      
                      $edit_time = ($to_time - $from_time) / 60;
                      
                      if ($edit_time >= $edit_post_time and $_SESSION['user_level'] < 1 and $_SESSION['signed_in'] == true) {
                          echo '<hr><br /><div align="center">' . $l_error_no_edit . '</div><br/>';
                      } else {
                          //If NOT my post
                          if ($text['post_by'] != $_SESSION['user_id'] and $_SESSION['user_level'] != 1) {
                              echo '<hr><br /><div align="center">' . $l_error_no_edit . '</div><br/>';
                          } else {
                              echo '<table><tr><th width="100%"><h3>' . $l_edit_post . '</h3></th></tr></table><hr />';
                              
                              $text['post_content'] = str_replace("[b][b]", "[b]", $text['post_content']);
                              $text['post_content'] = str_replace("[/b][/b]", "[/b]", $text['post_content']);
                              $text['post_content'] = my_nl2br($text['post_content']);
                              $disable_smilies = "0";
                              if (isset($_POST['dissmilies']) && $_POST['dissmilies'] == 'on') {
                                  $disable_smilies = "1";
                                  $text['post_content'] = DisableSmilies($text['post_content']);
                              }
                              $text['post_content'] = BBDecode($text['post_content']);
                              
                              $editor_css = './style/' . $default_style . '/editor_reply.css';
                              $editor = './style/' . $default_style . '/editor.js';
                              if (mysql_real_escape_string($_GET['pn']) == 1) {
							      $subject = $db->query("SELECT topic_subject,topic_icon FROM " . $table_prefix . "topics WHERE topic_id = " . mysql_real_escape_string($_GET['t']) . "");
                                  $text2 = $db->fetch_array($subject,'assoc');
								  $text2["topic_subject"] = ltrim($text2["topic_subject"]);
								  $text2["topic_subject"] = rtrim($text2["topic_subject"]);
                                  $t_subject = '&nbsp; &nbsp;<b>' . $l_subject . ':</b><br />&nbsp; &nbsp;<input maxlength="70" type="text" size="72" value="' . $text2["topic_subject"] . '" name="topic_subject" /></input><br />';
                              } else {
                                  $t_subject = "";
                              }
                              if ($default_wysiwyg == "1") {
                                  $default_editor = "";
                              }
                              if ($default_wysiwyg != "1") {
                                  $default_editor = "initEditor(\"reply\", true);  SwitchEditor()";
                              }
                              
                              $t_icons = "";
                              $end_topic_icons = "";
                              if ($topic_icons == 0) {
                              $t_icons = "<!--";
                              $end_topic_icons = "-->";
                              }
                              $text_content = $text['post_content'];
                              //$text_content = htmlspecialchars(trim($text_content), ENT_QUOTES);
                              $text_content = str_replace("<br>", "\n", $text_content);
							  $text_content = my_nl2br($text_content);
                              $text_content = convEnt2($text_content);
							  if (isset($_POST['dissmilies']) && $_POST['dissmilies'] == 'on') {
                                  $disable_smilies = "1";
                                  $text_content = DisableSmilies($text_content);}
							$text_content = BBDecode($text_content);  
                              $text_content = str_replace('iframe', '%69%66%72%61%6D%65', $text_content);
                              $tags = array('{START_POSTFORM}', '{T_SUBJECT}', '{MORE_SMILIES}', '{DISABLE_SMILIES}', '{TEXT_POST}', '{F_ID}', '{T_ID}', '(PAGE)', '{PN}', '{P}', '{EDIT_BUTTON}', '{IF_SMILIES}', '{END_SMILIES}', '{EDITOR_CSS}', '{EDITOR}', '{WYSIWYG}', '{Message}', '{IF_ICONS}', '{END_ICONS}','{PREVIEW}','{DISABLE_BB}');
                              $data = array('', $t_subject, $l_more_smilies, $l_dissmilies, $text_content, $fid, mysql_real_escape_string($_GET['t']), mysql_real_escape_string($_GET['page']), mysql_real_escape_string($_GET['pn']), mysql_real_escape_string($_GET['p']), $l_edit_post, '', '', $editor_css, $editor, $default_editor, $l_message, $t_icons, $end_topic_icons,$l_preview_button,$l_disable_bb);
                              
                              if ($allow_smilies == 0) {
                                  $tags = array('{START_POSTFORM}', '{T_SUBJECT}', '{MORE_SMILIES}', '{DISABLE_SMILIES}', '{TEXT_POST}', '{F_ID}', '{T_ID}', '(PAGE)', '{PN}', '{P}', '{EDIT_BUTTON}', '{IF_SMILIES}', '{END_SMILIES}', '{EDITOR_CSS}', '{EDITOR}', '{Message}', '{IF_ICONS}', '{END_ICONS}','{PREVIEW}','{DISABLE_BB}');
                                  $data = array('', $t_subject,$l_more_smilies, $l_dissmilies, $text_content, mysql_real_escape_string($_GET['f']), mysql_real_escape_string($_GET['t']), mysql_real_escape_string($_GET['page']), mysql_real_escape_string($_GET['pn']), mysql_real_escape_string($_GET['p']), $l_edit_post, '<!--', '-->', $editor_css, $editor, $l_message, $t_icons, $end_topic_icons,$l_preview_button,$l_disable_bb);
                              }
                              
                              echo str_replace($tags, $data, file_get_contents('./style/' . $default_style . '/edit_post.html'));
                          }
                      }
                  }
              }
          }
      } else {
          // Check if message contain only spaces
          $spaces = array('&nbsp;');
          $_POST["reply"] = trim($_POST["reply"]);
          //a real user posted a real reply
          $blah = $_POST["reply"];
          if ((strlen($blah) < $min_post_characters) or (preg_match('|^\s*\z|', $_POST["reply"]))) {
              echo "<hr><br><div align=\"center\"><span style='color:red'>$l_message_few<br /><br /></span>
<a href=\"#\" onClick='history.go(-1)'>$l_back_to_prev</a></div><br><br>";
          } else {
              if (strlen($blah) < $min_post_characters) {
                  echo "<span style='color:red'>$l_message_few<br /><br /></span>
<a class=\"loginlink\" href='topic.php?t=" . mysql_real_escape_string($_GET['t']) . ">$l_back_to_prev</a>";
              }
              if ((strlen($blah) > $max_post_characters)) {
                  echo "<hr><br><div align='center'><span style='color:red'>$l_message_many<br /><br /></span>
<a class=\"loginlink\" href='topic.php?t=" . mysql_real_escape_string($_GET['t']) . ">$l_back_to_prev</a></div><br><br>";
              } else {
                  if ($_SERVER['REQUEST_METHOD'] = 'POST') {
				      $sql = $db->query("SELECT post_content, post_subject FROM " . $table_prefix . "posts WHERE post_id = " . mysql_real_escape_string($_GET['p']));
                      $text = $_POST['reply'];
					  $text = my_nl2br($text); //Remove double or miltiple new lines
                      $text = convEnt2($text);
                      $text = str_replace("\n", "<br>", $text);
                      $disable_smilies = "0";
                      if (isset($_POST['dissmilies']) && $_POST['dissmilies'] == 'on') {
                          echo "Smilies disabled.";
                          $disable_smilies = "1";
                          $text = DisableSmilies($text);
                      }
                      
					  $text = str_replace("\n", "<br>", $text);
					  if (!isset($_POST['dissbb'])) {
                          $text = BBCode($text);
                      }
					  $p_smilies = 0;
					  if (isset($_POST['dissmilies']))
					  {$p_smilies = 1;}
					  $result = $db->query("UPDATE " . $table_prefix . "posts SET post_content = '" . $text . "', post_edit_by = '" . mysql_real_escape_string($_SESSION['user_name']) . "', post_edit_date = NOW() + INTERVAL " . $server_time . " MINUTE  + INTERVAL " . $time_difference . " HOUR, post_smilies = $p_smilies  WHERE post_id = " . mysql_real_escape_string($_GET['p']) . "") or die(mysql_error());
                      
                      //this bellow will be used for caching and update categories last post
					  $delete_cache = $db->query("SELECT topic_cat FROM " . $table_prefix . "topics WHERE topic_id = " . mysql_real_escape_string($_GET['t']) . "");
                      $cache = $db->fetch_array($delete_cache,'assoc');
                      
                      if (isset($_POST['topic_subject'])) {
                          if (strlen($_POST['topic_subject']) < $min_post_characters) {
                              $subject = mysql_fetch_assoc($sql);
                              $t_subject = $subject['post_subject'];
                          }
						  $result2 = $db->query("UPDATE " . $table_prefix . "topics SET topic_subject = ' $t_subject',topic_icon = '" . mysql_real_escape_string($_POST['icon1']) . "' WHERE topic_id = " . mysql_real_escape_string($_GET['t']) . "") or die('error');
                          
                          //UPDATE categories
                          $result5 = $db->query("UPDATE " . $table_prefix . "categories SET cat_last_post_id=" . mysql_real_escape_string($_GET['t']) . ", cat_last_poster_id=" . $_SESSION['user_id'] . ",cat_last_post_subject='" . $_POST['topic_subject'] . "' WHERE cat_id = " . $cache['topic_cat'] . "") or die(mysql_error());
                      }
                      if (!$result) {
                          echo $l_error_no_save;
                      } else {
                          //DELETE CACHE
                          if ($forum_cache = "1") {
                              if (file_exists("./cache/forum" . $cache['topic_cat'] . ".php")) {
                                  unlink("./cache/forum" . $cache['topic_cat'] . ".php");
                              }
                          }
                          // END DELETE CACHE    
                          
                          echo '<hr/><br/><div align="center">' . $l_posted_success . '<br /><br /> <a class="loginlink" href="topic.php?t=' . mysql_real_escape_string($_GET['t']) . '&p=' . mysql_real_escape_string($_GET['p']) . '&page=' . mysql_real_escape_string($_GET['page']) . '#' . mysql_real_escape_string($_GET['p']) . '">' . $l_view_message . '</a>.<br /><a class="loginlink" href="index.php"><br /> ' . $l_back_to . '</a>. </div><br/><br/>';
                      }
                  }
              }
          }
      }
  }
  
  if ($hide_footer < 1) {
      include 'footer.php';
  }
  
  if ($pageTitle = "") {
      $pageTitle = $l_forumname;
  }
  // Get all the page's HTML into a string
  $pageContents = ob_get_contents();
  // Wipe the buffer 
  ob_end_clean();
  echo str_replace('<!--TITLE-->', $pageTitle, $pageContents);
?>
